PT-2017-6468 · Zte · Zte Datacard Mf19

Published

2017-08-28

Updated

2017-09-12

CVE-2015-0974

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions ZTE Datacard MF19 version 0V1.0.0B04

Description The issue allows local users to gain privileges by modifying the 'Ucell Internet' directory. This is done by referencing a malicious mms dll r.dll or mediaplayerdll.dll.

Recommendations For ZTE Datacard MF19 version 0V1.0.0B04, consider restricting access to the 'Ucell Internet' directory to prevent modification and referencing of malicious dll files such as mms dll r.dll or mediaplayerdll.dll until a patch is available.

Exploit

Fix

Untrusted Search Path

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-426

Related Identifiers

CVE-2015-0974

Affected Products

Zte Datacard Mf19

PT-2017-6468 · Zte · Zte Datacard Mf19

CVE-2015-0974

Weakness Enumeration

Related Identifiers

Affected Products

References · 2